From 6dddc0bfcb79615b8be470a5e16918360d57cadb Mon Sep 17 00:00:00 2001
From: Garrett D'Amore <garrett@damore.org>
Date: Tue, 9 Jan 2018 18:42:28 -0800
Subject: fixes #186 Suggested API changes for nng TLS certs

---
 docs/nng_tls_config_ca_chain.adoc | 81 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 81 insertions(+)
 create mode 100644 docs/nng_tls_config_ca_chain.adoc

(limited to 'docs/nng_tls_config_ca_chain.adoc')

diff --git a/docs/nng_tls_config_ca_chain.adoc b/docs/nng_tls_config_ca_chain.adoc
new file mode 100644
index 00000000..2888c032
--- /dev/null
+++ b/docs/nng_tls_config_ca_chain.adoc
@@ -0,0 +1,81 @@
+nng_tls_config_ca_chain(3)
+==========================
+:doctype: manpage
+:manmanual: nng
+:mansource: nng
+:manvolnum: 3
+:icons: font
+:source-highlighter: pygments
+:copyright: Copyright 2018 Staysail Systems, Inc. <info@staysail.tech> \
+            Copyright 2018 Capitar IT Group BV <info@capitar.com> \
+            This software is supplied under the terms of the MIT License, a \
+            copy of which should be located in the distribution where this \
+            file was obtained (LICENSE.txt).  A copy of the license may also \
+            be found online at https://opensource.org/licenses/MIT.
+
+NAME
+----
+nng_tls_config_ca_chain - configure certificate authority certificate chain
+
+SYNOPSIS
+--------
+
+[source, c]
+-----------
+#include <nng/nng.h>
+
+int nng_tls_config_ca_cert(nni_tls_config *cfg, const char *chain,
+    const char *crl)
+-----------
+
+DESCRIPTION
+-----------
+
+The `nng_tls_config_ca_chain()` function configures a certificate or
+certificate chain to be used when validating peers using the configuragion
+'cfg'.
+
+NOTE: This function *must* be called when the TLS authentication mode SYNOPSIS
+`NNG_TLS_AUTH_MODE_REQUIRED` or `NNG_TLS_AUTH_MODE_OPTIONAL`.  It will have
+no effect if the authentication mode is `NNG_TLS_AUTH_MODE_NONE`.
+
+TIP: This function may be called multiple times, to add additional chains
+to a configuration, without affecting those added previously.
+
+The certificates located in 'chain' must be a NUL terminated C string in
+https://tools.ietf.org/html/rfc7468[PEM] format.  Multiple certificates may
+appear concatenated together, with the leaf certificate listed first.
+together.
+
+The 'crl' may be NULL, or may also be a C string containing a PEM format
+certificate revocation list for the associated authority.
+
+RETURN VALUES
+-------------
+
+This function returns 0 on success, and non-zero otherwise.
+
+ERRORS
+------
+
+`NNG_ENOMEM`:: Insufficient memory is available.
+`NNG_EBUSY`:: The configuration 'cfg' is already in use, and cannot be modified.
+`NNG_EINVAL`:: An invalid 'chain' or 'size' was supplied.
+
+SEE ALSO
+--------
+
+<<nng_strerror#,nng_strerror(3)>>,
+<<nng_tls_config_alloc#,nng_tls_config_alloc(3)>>,
+<<nng_tls_config_auth_mode#,nng_tls_config_auth_mode(3)>>,
+<<nng#,nng(7)>>
+
+
+COPYRIGHT
+---------
+
+Copyright 2018 mailto:info@staysail.tech[Staysail Systems, Inc.] +
+Copyright 2018 mailto:info@capitar.com[Capitar IT Group BV]
+
+This document is supplied under the terms of the
+https://opensource.org/licenses/MIT[MIT License].
-- 
cgit v1.2.3-70-g09d2